NST Systemshttps://www.nstsystems.com
Just another Vertical Axion Network siteThu, 21 Mar 2019 17:20:37 +0000en-UShourly1https://wordpress.org/?v=4.7.12Progressive Web App Office Software Coming To Windows 10https://www.nstsystems.com/2019/03/21/progressive-web-app-office-software-coming-to-windows-10/
https://www.nstsystems.com/2019/03/21/progressive-web-app-office-software-coming-to-windows-10/#respondThu, 21 Mar 2019 15:00:00 +0000https://www.nstsystems.com/2019/03/21/progressive-web-app-office-software-coming-to-windows-10/Microsoft has recently announced a new addition, coming soon to the Microsoft Store. A free Office progressive web app (PWA), which is slated to replace the My Office app that comes pre-installed on Windows devices. The new app is functionally similar to the Office App you're currently using, but it brings some exciting new features into play that users and IT managers alike will love.

In addition to being a central window giving you a birds' eye view of your recent documents, contacts, and various Office files (Word, Excel, PowerPoint, Outlook), it also serves as a bridge between working offline and working online with Windows 10.

Users will be able to access Office apps installed locally on their devices, as well as web apps. They will also have a view into locally stored files as well as files stored on the cloud, which in the Microsoft ecosystem, generally means SharePoint and OneDrive.

In addition to that, because it's a Progressive Web App, it can work offline as well and be pinned to the taskbar, just as you can do with a native Windows App. The only catch is that you'll need to be running the 1803 version of Windows 10 (or later versions) to make use of the new capabilities.

Although individual users will no doubt find a lot to be excited about, the company's own statements make it clear that they've designed it with IT managers specifically in mind. That is, given that it will allow managers to customize the Office app with company branding and allow users to access a variety of third-party apps through the lens of the Office app.

In tandem with this announcement, Aaron Gustafson (from the Microsoft Edge browser development team) also announced that the next version of Edge will be built around Chromium and will allow users to install PWA's from the browser itself. That build brings Edge back to par with both Google Chrome and Mozilla's Firefox.

These are all excellent moves, and we can't wait to start playing with the new app. Kudos to Microsoft.

]]>https://www.nstsystems.com/2019/03/21/progressive-web-app-office-software-coming-to-windows-10/feed/0Google Security Device Had A Microphone Nobody Knew Abouthttps://www.nstsystems.com/2019/03/20/google-security-device-had-a-microphone-nobody-knew-about/
https://www.nstsystems.com/2019/03/20/google-security-device-had-a-microphone-nobody-knew-about/#respondWed, 20 Mar 2019 15:00:00 +0000https://www.nstsystems.com/2019/03/20/google-security-device-had-a-microphone-nobody-knew-about/Google has found itself in hot water for something they claim to be an honest mistake and oversight. Owners of the company's popular Nest Guard (the centerpiece to their Nest Secure home alarm system) have recently discovered a microphone hidden in the guts of the device. The microphone wasn't mentioned in the product's specification sheet, which has creeped out consumer groups around the country and the world.

Google claims that their intention from the beginning was to incorporate Google Assistant functionality into the design. This of course would necessitate the presence of a microphone, making their failure to mention it nothing more than an oversight. Unfortunately, consumer groups don't seem to be finding that explanation convincing, which explains the push back the company is suddenly getting.

To be fair, Google Assistant functionality would be a superb addition to Nest Secure, but people should be aware of what precisely they're getting when they open their wallets and buy a new product. Especially given the fact that there have been a number of high-profile instances where data captured by microphones embedded in a variety of consumer products has already been mishandled and misused.

It ultimately doesn't matter how many people would or wouldn't have made the purchase had they known about the presence of the microphone. The central issue is that they purchased a product without realizing it could be used to record them.

These days, privacy concerns are increasingly on everyone's mind and with good reason. Every day, what remains of our privacy seems increasingly under attack. Innocent oversight or not, this was an unnecessary invasion of that privacy, and advocacy groups are justified in calling the company out for it.

If you don't yet own a Nest Secure, but have been considering buying one, be aware. There's a microphone embedded in it.

]]>https://www.nstsystems.com/2019/03/20/google-security-device-had-a-microphone-nobody-knew-about/feed/0New Malware Is Coming Through Messaging Appshttps://www.nstsystems.com/2019/03/19/new-malware-is-coming-through-messaging-apps/
https://www.nstsystems.com/2019/03/19/new-malware-is-coming-through-messaging-apps/#respondTue, 19 Mar 2019 15:00:00 +0000https://www.nstsystems.com/2019/03/19/new-malware-is-coming-through-messaging-apps/As if your stressed IT staff didn't have enough to deal with, there's a new threat to be on the lookout for.

Researchers at the antivirus company Avast have discovered a new strain of malware that can spread by way of Skype and Facebook Messenger spam messages. The malware, called "Rietspoof" is described as a multi-stage malware strain.

It was first discovered back in August of last year, and until recently, didn't raise any eyebrows because it was seldom used. That has now changed. There's been a notable uptick in the number of instances of Rietspoof detected on the web.

As malware goes, Rietspoof by itself isn't all that threatening. Its goal is merely to infect as many devices as possible, serving as a bridge between an infected device and a command and control server that allows other strains of malware to be systematically injected onto infected systems.

Rietspoof accomplishes this goal by placing a shortcut (LNK file) in the Windows Startup Folder. This is one of the critical folders that Avast and other major antivirus programs monitor rigorously. However, Rietspoof has managed to slip through the cracks, bypassing security checks because it is signed with legitimate certificates.

The malware's infection cycle consists of four discrete steps. Three of them are dedicated to establishing a Rietspoof beachhead on a target system, and the fourth is reserved for the downloading of more intrusive and destructive malware strains.

According to the research team that discovered it, since they first began tracking the malware, it has undergone a number of incremental changes. That lead them to the conclusion that Rietspoof is a work in progress and currently undergoing testing and further development.

Although it may have limited functionality now, that could very easily change as the hackers behind the code continue to modify it. Be sure your IT staff is aware, and stay vigilant!

]]>https://www.nstsystems.com/2019/03/19/new-malware-is-coming-through-messaging-apps/feed/0Malware Stealing Usernames And Passwords At Alarming Rateshttps://www.nstsystems.com/2019/03/18/malware-stealing-usernames-and-passwords-at-alarming-rates/
https://www.nstsystems.com/2019/03/18/malware-stealing-usernames-and-passwords-at-alarming-rates/#respondMon, 18 Mar 2019 15:00:00 +0000https://www.nstsystems.com/2019/03/18/malware-stealing-usernames-and-passwords-at-alarming-rates/Much discussion has been had about the fact that hackers are becoming increasingly sophisticated, and their methods ever-increasing in their complexity. While that's certainly true, more complex isn't always better.

Take, for example, the malware called Separ, which is a credential-siphoning bit of code, first detected in late 2017.

Separ has benefitted from ongoing development by the hackers controlling it, but what sets it apart from other malware strains is that it's almost deceptively simple, and that simplicity is a big part of its success.

The program is surprisingly good at evading detection, thanks to clever use of a combination of short scripts and legitimate executable files that are commonly used for completely benign purposes. This allows them to blend in and be utterly overlooked by most detection routines.

The most recent iteration of the software is embedded in a PDF. When an unsuspecting user clicks to open the file, Separ runs a chain of other apps and file types commonly used by System Admins. The initial double click runs a simple Visual Basic Script (VBS), which in turn, executes a batch script.

The batch script sets up several directories and copies files to them. Then it launches a second batch script, which opens a decoy image to high command windows, lowers firewall protections, and saves the changes to an 'ipconfig' file.

Then, it gets down to its real work, again, relying on completely legitimate executables to collect passwords and move them to the hackers' command and control server.

According to Guy Propper, (the team lead of Deep Instinct's Threat Intelligence group):

"Although the attack mechanism used by this malware is very simple, and no attempt has been made by the attacker to evade analysis, the growth in the number of victims claimed by this malware shows that simple attacks can be very effective. The use of scripts and legitimate binaries, in a 'living off the land' scenario, means the attacker successfully evades detection, despite the simplicity of the attack."

Be sure your IT staff aware. It's not always the most complex forms of malware that can get you.

]]>https://www.nstsystems.com/2019/03/18/malware-stealing-usernames-and-passwords-at-alarming-rates/feed/0Apple Developers Will Make Apps Usable On All Deviceshttps://www.nstsystems.com/2019/03/16/apple-developers-will-make-apps-usable-on-all-devices/
https://www.nstsystems.com/2019/03/16/apple-developers-will-make-apps-usable-on-all-devices/#respondSat, 16 Mar 2019 15:00:00 +0000https://www.nstsystems.com/2019/03/16/apple-developers-will-make-apps-usable-on-all-devices/Apple recently announced an important strategic change in direction that's great news for developers. In their next SDK release, developers will be able to build a single app that will work on every iPhone, iPad, and Mac the company makes.

The benefits to developers are obvious, with the biggest being a general reduction of development time.

There will be no need to make three different variants of an app to cover the entire Apple ecosystem. It will also mean more potential customers if a development group has been focused on only one segment of that ecosystem.

The change will also give Apple a powerful advantage in that eventually, the company will be able to merge the Mac App Store and the App Store for iOS. That will reduce their digital footprint and make managing their vast holdings easier. In addition to that, it will streamline the approval process, allowing developers to submit a single binary for all Apple devices.

According to a statement recently published by the company, the new development kit could be pushed out by as early as June, which is generating a tremendous amount of excitement in the Apple development community.

Obviously, consumers will see a big win here as well. Once the changes are complete and the two app stores are merged, there will be a single official hub where Apple users can get all their favorite Apps. They won't even have to worry about cross-device compatibility, which will improve the overall user experience.

The bottom line is that it will make things easier for developers, make managing the process easier for Apple, simplify things, and improve the user experience for the legions of end users in Apple's ecosystem. Kudos to the company for making the move. Exciting changes are ahead!

]]>https://www.nstsystems.com/2019/03/16/apple-developers-will-make-apps-usable-on-all-devices/feed/0Another Point Of Sale Data Breach Hits Retailershttps://www.nstsystems.com/2019/03/15/another-point-of-sale-data-breach-hits-retailers/
https://www.nstsystems.com/2019/03/15/another-point-of-sale-data-breach-hits-retailers/#respondFri, 15 Mar 2019 15:00:00 +0000https://www.nstsystems.com/2019/03/15/another-point-of-sale-data-breach-hits-retailers/Another week, another data breach. This time, the target of the breach was North Country Business Products (NCBP), a company that makes point of sale (POS) terminals for businesses.

Although NCBP was the target, they weren't the ultimate victims of the breach. Hackers infiltrated NCBP's network and installed malware onto the company's POS terminals.

These were then sold to businesses around the country. In all, according to the latest information published by NCBP about the incident, a total of 139 business locations received these poisoned POS terminals. This allowed hackers to gain control of any payment information processed through those terminals.

In all, NCBP POS systems are installed in more than 6500 locations nationwide, meaning the scope and scale of this breach was approximately 2 percent of the company's installed terminal base.

So far, North Country's handling of the incident has been admirable. The breach occurred on January 3rd, 2019. The company discovered it on January 30th, but noted that the attackers ceased all activity on January 24th when they began detecting investigators probing for their presence.

NCBP has informed law enforcement, enlisted the aid of a third-party forensic investigator, and have published a list of all infected POS terminals on their website. All of the invested terminals are bars, coffee shops, or restaurants, with an even mix of standalone businesses and franchises.

The investigation into the matter is still ongoing. As yet, NCBP and the agencies assisting them have not determined exactly what the impact is or has been for each of the affected businesses.

All that to say, if you own an NCBP POS device, be sure to head to the company's website to find out if your business is on the list of impacted customers. If so, you may have already been contacted by the company.

]]>https://www.nstsystems.com/2019/03/15/another-point-of-sale-data-breach-hits-retailers/feed/0Safari On Mac Now Vulnerable To Browser History Thefthttps://www.nstsystems.com/2019/03/14/safari-on-mac-now-vulnerable-to-browser-history-theft/
https://www.nstsystems.com/2019/03/14/safari-on-mac-now-vulnerable-to-browser-history-theft/#respondThu, 14 Mar 2019 15:00:00 +0000https://www.nstsystems.com/2019/03/14/safari-on-mac-now-vulnerable-to-browser-history-theft/There's a new macOS security flaw you and your staff need to be aware of. It was discovered by Jeff Johnson, the developer of the Underpass app for both Mac and iOS, and the StopTheMaddness Safari browser extension.

Fortunately, the new flaw is not one that can be exploited remotely. Users would have to be tricked into installing a malicious app via social engineering or other tricks.

On the other hand, the flaw is critical and impacts all known macOS Mojave versions.

Mr. Johnson had this to say about the matter:

"On Mojave, certain folders have restricted access that is forbidden by default. For example, ~/Library/Safari. In the Terminal app, you can't even list the contents of the folder. However, I've discovered a way to bypass these protections in Mojave and allow apps to look inside ~/Library/Safari without acquiring any permission from the system or from the user. There are no permission dialogs. It Just Works. In this way, a malware app could secretly violate a user's privacy by examining their web browser history."

Johnson reached out to Apple privately and shared the full details of the flaw, but refused to provide more details than the above to the general public, saying that since the issue has yet to be patched, he does not want to put macOS users at risk.

Although Apple has formally acknowledged his report, the company has to this point provided no information on some things. This includes what level of importance they're giving a fix for the issue, and what their time frame might be in terms of issuing a fix.

It's a serious issue, no doubt, but there's a lack of public details about it. The fact that it can't be executed remotely suggests it's not as big a threat as it could be. Even so, be mindful of it until Apple issues a fix.

]]>https://www.nstsystems.com/2019/03/14/safari-on-mac-now-vulnerable-to-browser-history-theft/feed/0Right Clicking In Gmail Will Unveil Its New Featureshttps://www.nstsystems.com/2019/03/13/right-clicking-in-gmail-will-unveil-its-new-features/
https://www.nstsystems.com/2019/03/13/right-clicking-in-gmail-will-unveil-its-new-features/#respondWed, 13 Mar 2019 15:00:00 +0000https://www.nstsystems.com/2019/03/13/right-clicking-in-gmail-will-unveil-its-new-features/When is a right click more than just a right click? When Google reveals its latest changes to Gmail, of course!

The tech giant has recently announced that they're going to be overhauling Gmail's right click menu options. This will enhance its value by adding more and better functionality, with an eye toward improving the overall user experience.

The current right click menu offers the following functionality:

Move to Tab

Archive

Mark as Read

Delete

The coming changes will expand to include:

Search options

Reply and Forward functionality

Snooze

Mark as Unread

Movement Options

Labeling

The option to open an email in a new tab

You won't have to take any action to gain the benefits of these new features. The pending update will make them available to all Gmail users automatically.

In terms of a time frame, Rapid Release domains will begin receiving the update on February 11th 2019 although it can take up to fifteen days for the new features to become visible. The roll-out to the general public is slated for February 22nd, although it could be up to three days before the new menu options become visible to all users.

These are fantastic additions and we can hardly wait to start using them. Odds are excellent that Google's recent changes will have ripple effects that extend far beyond Gmail, too. The reality is that menu functions tend to get taken for granted. At this point, they're so well established and entrenched that most people don't even consider the possibility of tweaking them to improve overall functionality.

That's unfortunate, but given the coming changes, the hope is that it will prompt other email providers and software vendors in general to go back to the drawing board and reassess their time-honored menu options to see what other improvements can be realized.

Hackers have successfully attacked the system and wiped all data from all of its servers in the US.

All data on those servers has been lost. That means every email you had in your inbox and everything you had archived is gone.

According to a company spokesman, "At this time, the attacker has formatted all the disks on every server. Every VM is lost. Every file server is lost. Every backup server is lost."

The hackers made no attempt to lock files and ransom them. They simply went in and destroyed, opting for maximum damage, and they succeeded. Although attempts are being made to restore the data, the outlook isn't good. Odds are overwhelmingly against anyone ever getting so much as a single email back. Even if some data is ultimately recovered, users should not expect to get more than a fraction of their data back.

At this point, the company's website is up and running again, but all of its secondary domains are down. These include:

Toothandmail.com

Powdermail.com

Openmail.cc

Offensivelytolerant.com

Metadatamitigator.com

Manlymail.net

Clovermail.net

Mail-on.us

Chewiemail.com

When you log onto your VFEmail account, you'll be greeted with an empty inbox.

This isn't the first time that VFEmail has come into the crosshairs of a hacking group. In late 2015 a group called the Armada Collective targeted VFE and others with a massive DDoS attack, demanding ransom payments to halt the attack. Unfortunately, this time, the hackers weren't interested in taking prisoners or making money.

Sadly, this isn't the first time a company has been brought to almost complete destruction. In 2014, a company called Code Spaces was forced to close its doors when hackers breached their system and did the same thing.

If it can happen to Code Spaces and VFEmail, it can happen to your company too. Beware.

]]>https://www.nstsystems.com/2019/03/12/email-provider-vfemail-had-all-data-destroyed-by-attacker/feed/0Photo Site 500PX Hit With Data Breach Recentlyhttps://www.nstsystems.com/2019/03/11/photo-site-500px-hit-with-data-breach-recently/
https://www.nstsystems.com/2019/03/11/photo-site-500px-hit-with-data-breach-recently/#respondMon, 11 Mar 2019 15:00:00 +0000https://www.nstsystems.com/2019/03/11/photo-site-500px-hit-with-data-breach-recently/Do you use the photography network 500PX? If so, be advised that it has been breached by hackers. If you were a 500PX user on or before July 5, 2018, you are among the impacted users.

The company discovered evidence of the breach on February 8th, and overall, to this point, their handling of the issue has been admirable.

They promptly contacted and are presently working with both law enforcement and a third-party security firm. They have alerted all impacted users of the incident. By this point, you should have already received some type of communication from the company.

According to the official statement put out by 500PX, when the hackers gained access, they were able to glean at least some, (and possibly all) information contained in the user's profile. This information includes user name, password, location, any biographical information you may have entered, your education, and your photo (if you've included one in your profile).

The company took the step of force-resetting all user passwords, including those they do not believe to have been impacted by the breach. So the next time you log in, don't let that take you by surprise.

It should go without saying, but if you're still using the same password across multiple web properties, it's a practice you need to stop immediately. If you've used the same password you use on 500PX on some other site, be sure to change it as well. Don't give the hackers an easy way to cause you further harm.

Unfortunately, those are all the details we have about the breach currently. Although the company has promised to keep everyone updated as their investigation into the matter continues and as further details come to light. In the immediacy, the most important next step is to log in and reset your password.